Home > Vulnerability Database > CVE-2004-0685

Mend Vulnerability Database

CVE-2004-0685

Date: October 25, 2004

Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.

Severity Score

5.9

Related Resources (5)

Url: http://www.trustix.net/errata/2004/0041/

Url: http://www.debian.org/security/2006/dsa-1069

Url: https://bugzilla.fedora.us/show_bug.cgi?id=2336

Url: https://nvd.nist.gov/vuln/detail/CVE-2004-0685

Url: https://www.mend.io/vulnerability-database/CVE-2004-0685

Severity Score

5.9

CVSS v3.1

Base Score:	5.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	4.6
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend Vulnerability Database

We found results for “”

CVE-2004-0685

Date: October 25, 2004

Severity Score

Related Resources (5)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?